javax.crypto.AEADBadTagException and android.security.KeyStoreException

[sayasheng]

Before opening, please confirm:

• I have searched for duplicate or closed issues and discussions.

Language and Async Model

Java

Amplify Categories

GraphQL API

Gradle script dependencies

// Put output below this line
 api "amplifyframework:core:$amplify"
    api "amplifyframework:aws-auth-cognito:2.4.11"
    api "amplifyframework:aws-api-appsync:2.4.11"
    api "amplifyframework:aws-api:2.4.11"

Environment information

# Put output below this line
------------------------------------------------------------
Gradle 7.5
------------------------------------------------------------

Build time:   2022-07-14 12:48:15 UTC
Revision:     c7db7b958189ad2b0c1472b6fe663e6d654a5103

Kotlin:       1.6.21
Groovy:       3.0.10
Ant:          Apache Ant(TM) version 1.10.11 compiled on July 10 2021
JVM:          11.0.8-internal (Oracle Corporation 11.0.8-internal+0-adhoc..jdk11u)
OS:           Windows 10 10.0 amd64

Please include any relevant guides or documentation you're referencing

No response

Describe the bug

02-20 14:36:40.059 E/AndroidRuntime( 4405): java.security.KeyStoreException: the master key android-keystore://amplify_master_key exists but is unusable
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.readOrGenerateNewMasterKey(AndroidKeysetManager.java:275)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.build(AndroidKeysetManager.java:236)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at androidx.security.crypto.EncryptedSharedPreferences.create(EncryptedSharedPreferences.java:123)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository.getSharedPreferencesOrThrow(EncryptedKeyValueRepository.kt:110)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository.openKeystoreWithAmplifyMasterKey(EncryptedKeyValueRepository.kt:86)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository.getOrCreateSharedPreferences(EncryptedKeyValueRepository.kt:64)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository.access$getOrCreateSharedPreferences(EncryptedKeyValueRepository.kt:32)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository$sharedPreferences$2.invoke(EncryptedKeyValueRepository.kt:48)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository$sharedPreferences$2.invoke(EncryptedKeyValueRepository.kt:48)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at kotlin.SynchronizedLazyImpl.getValue(LazyJVM.kt:74)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository.getSharedPreferences(EncryptedKeyValueRepository.kt:48)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.core.store.EncryptedKeyValueRepository.get(EncryptedKeyValueRepository.kt:51)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.auth.cognito.data.AWSCognitoAuthCredentialStore.retrieveCredential(AWSCognitoAuthCredentialStore.kt:63)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.auth.cognito.actions.CredentialStoreCognitoActions$loadCredentialStoreAction$$inlined$invoke$1.execute(Action.kt:70)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.amplifyframework.statemachine.ConcurrentEffectExecutor$execute$1$1.invokeSuspend(ConcurrentEffectExecutor.kt:26)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:108)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:793)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:697)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:684)
02-20 14:36:40.059 E/AndroidRuntime( 4405): Suppressed: kotlinx.coroutines.internal.DiagnosticCoroutineContextException: [StandaloneCoroutine{Cancelling}@13a33af, Dispatchers.Default]
02-20 14:36:40.059 E/AndroidRuntime( 4405): Caused by: javax.crypto.AEADBadTagException
02-20 14:36:40.059 E/AndroidRuntime( 4405): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:517)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:531)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at javax.crypto.Cipher.doFinal(Cipher.java:2267)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.google.crypto.tink.integration.android.AndroidKeystoreAesGcm.encryptInternal(AndroidKeystoreAesGcm.java:87)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.google.crypto.tink.integration.android.AndroidKeystoreAesGcm.encrypt(AndroidKeystoreAesGcm.java:72)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.google.crypto.tink.integration.android.AndroidKeystoreKmsClient.validateAead(AndroidKeystoreKmsClient.java:248)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.google.crypto.tink.integration.android.AndroidKeystoreKmsClient.getAead(AndroidKeystoreKmsClient.java:165)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at com.google.crypto.tink.integration.android.AndroidKeysetManager$Builder.readOrGenerateNewMasterKey(AndroidKeysetManager.java:267)
02-20 14:36:40.059 E/AndroidRuntime( 4405): ... 20 more
02-20 14:36:40.059 E/AndroidRuntime( 4405): Caused by: android.security.KeyStoreException: Signature/MAC verification failed
02-20 14:36:40.059 E/AndroidRuntime( 4405): at android.security.KeyStore.getKeyStoreException(KeyStore.java:1303)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at android.security.keystore.KeyStoreCryptoOperationChunkedStreamer.doFinal(KeyStoreCryptoOperationChunkedStreamer.java:224)
02-20 14:36:40.059 E/AndroidRuntime( 4405): at android.security.keystore.AndroidKeyStoreCipherSpiBase.engineDoFinal(AndroidKeyStoreCipherSpiBase.java:506)

Reproduction steps (if applicable)

upgrade v1 to v2 and get this issue.

Code Snippet

// Put your code below this line.

Log output

// Put your logs below this line

amplifyconfiguration.json

No response

GraphQL Schema

// Put your schema below this line

Additional information and screenshots

No response

[ankpshah]

Hello, @sayasheng. can you upgrade to latest version of Amplify v2.14.11? Latest release has fix for adding fallback logic for corrupt keys to EncryptedKeyValueRepository.

[sayasheng]

@ankpshah Yes, I already upgraded to Amplify v2.14.11 from v1 yesterday. This issue still happens on v2.14.11 after clearing all data.

[ankpshah]

Hello @sayasheng,
I tried replicating this issue by signing in using v1 (v1.38.8) then upgraded to v2 (v2.14.11). Followed by Sign out and Sign In operation using v2. I was able to sign in without any exceptions or keyStore error.

Here are some questions I have:

1. Is there any specific step to replicate this?
2. What kind of Auth configuration are you using?
3. Which device and API level are you using?
4. Also in issue description under gradle dependencies I see the version as 2.4.11 just want to make sure you are using the latest version of Amplify.

[tylerjroach]

@sayasheng If you have any specific test devices where you can replicate this issue, I would be curious if you are able to use EncryptedSharedPreferences at all on these devices: https://developer.android.com/reference/androidx/security/crypto/EncryptedSharedPreferences.

It is possible that we are running into a limited set of devices where EncryptedSharedPreferences library does not work properly. This class is critical to securely storing information on the device and we cannot operate without it.

Let us know if this is an edge case you are seeing in the wild, or if you have a test device youi can replicate this with.

[sayasheng]

Hello @sayasheng, I tried replicating this issue by signing in using v1 (v1.38.8) then upgraded to v2 (v2.14.11). Followed by Sign out and Sign In operation using v2. I was able to sign in without any exceptions or keyStore error.

Here are some questions I have:

1. Is there any specific step to replicate this?
   @ankpshah Here is my step
   Step 1 : use amplify version 1.37.4 and sign in a user
   Step 2: sign out the user
   Step 3: use amplify version 2.14.11 and use the same user to login
   I got error message "An unclassified error prevented this operation" in this step, however the user can be signed in successfully.
   
   Step 4: sign out the user
   I got KeyStoreException/AEADBadTagException in this step.

2. What kind of Auth configuration are you using?

3. Which device and API level are you using?
   Our device is customize hardware with Android 10. compileSdkVersion is 33.

4. Also in issue description under gradle dependencies I see the version as 2.4.11 just want to make sure you are using the latest version of Amplify.
   yes, I am pretty sure that apk is complied with 2.4.11 because apk compiled with 1.37.4 works fine.
   

[tylerjroach]

@sayasheng Since you mentioned custom hardware, I'm a bit concerned the devices have a non-standard implementation of the Android KeyStore.

Amplify v2 uses the latest official release of EncryptedSharedPrefrences provided directly from Google. This is a best practice for securely encrypting data on the device.

The logs shown indicate that the device attempted to use the apps default master key, but failed. We then tried to create a fallback master key, which is also failing. If the device is unable to use EncryptedSharedPreferences, Amplify v2 will not function properly. Amplify v1 is not failing because it uses its own encryption methods and does not use EncryptedSharedPreferences.

[joon-won]

Closing this issue due to inactivity. Please feel free to open a new issue if required, thank you

[github-actions]

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.

[Uma1r]

I had this issue popup in one of our apps as well, seemed to be limited to 1 specific device but I am curious as to what the path forward maybe as Google seems to have deprecated Jetpack security crypto library. @tylerjroach

https://android-review.googlesource.com/c/platform/frameworks/support/+/2761067

https://developer.android.com/privacy-and-security/cryptography#jetpack_security_crypto_library

[tylerjroach]

@Uma1r We will determine our best past forward away from EncryptedSharedPreferences and internally handle the data migration when it is time to change. While no new updates are being made to EncryptedSharedPreferences, functionality would not immediately break on current versions of Android. It will continue to be used until we have an alternative ready.

[tallaltop7]

This issue still persists, is there any update ?